]>
Commit | Line | Data |
---|---|---|
9efefde7 | 1 | <?php |
2d183941 JR |
2 | define('WEBOS', TRUE); |
3 | require_once('common.php'); | |
9efefde7 JR |
4 | |
5 | if (empty($_POST['user']) || empty($_POST['pass'])) { | |
2d183941 | 6 | make_error('Username or password empty.', 1); |
9efefde7 | 7 | } |
2d183941 | 8 | $sth = $db->prepare('SELECT uid, displayname FROM users WHERE username = ? AND password = ?'); |
9efefde7 JR |
9 | $sth->bind_param('ss', $_POST['user'], sha1(PWSALT.$_POST['pass'])); |
10 | $sth->execute(); | |
2d183941 | 11 | $sth->bind_result($uid, $dispname); |
9efefde7 | 12 | if (!$sth->fetch()) { // no row returned |
2d183941 | 13 | make_error('Username or password incorrect.', 2); |
9efefde7 JR |
14 | } |
15 | ||
16 | // row returned, user/pw good | |
17 | $sth->close(); | |
18 | $sth = $db->prepare('INSERT INTO sessions(sid, uid, started, last, active) VALUES (NULL, ?, NOW(), NOW(), 1)'); | |
19 | $sth->bind_param('i', $uid); | |
20 | $sth->execute(); | |
21 | $sid = $sth->insert_id; | |
22 | ||
2d183941 | 23 | make_reply('Logged in!', array('uid' => $uid, 'sid' => $sid, 'name' => $dispname)); |